Messaging Apps Introduce Growing Compliance Risks

The media is only just beginning to cover the threats created by digital communication in the workplace. Employees increasingly use personal devices and new messaging apps to communicate business information. The consequences are particularly severe in highly regulated industries such as financial services and health care. As communication applications evolve, organizations must address the legal, financial and reputational risks made possible by those tools.

Messages Simply Disappear Within Seconds of Receipt

Bloomberg notes that apps like WhatsApp, Wire and Signal allow for communications that disappear within seconds and with no way to retrieve them for records or investigatory purposes. This opens the door to a host of communication challenges from breaches of client privacy, to illegal collusion and insider trading, to the sharing of off-color, discriminatory or derogatory comments, jokes and images.

Compounding the matter, some clients prefer the new channels. Ignoring their messages and invitations to "friend" and "follow" could potentially be bad for business. "Financial firms need to keep records of all written business communications, no matter how innocuous, according to the Securities and Exchange Commission and the Financial Industry Regulatory Authority," notes Bloomberg. But new tools make it virtually impossible to capture all communications, and the conflict potentially rewards those people willing to bend the rules and use the new apps.

Current Solutions

When messages leave no trails, are on personal phones instead of business-owned devices and disappear without leaving a record, how can organizations adapt?

Firms in sensitive and highly regulated industries are fighting back with software that scans for phrases such as "take this offline" or "sent you a text" for potential follow up. But so long as there is a strong profit motive and potential competitive advantage to using new channels to share information, the regulators, compliance and ethics officers and investigators will always have an uphill fight.

Some common practices from the financial industry, specifically, to consider:

Provide training and have employees sign documents where they attest they will not use personal, unmonitored digital communication in the workplace

Could Hacking Ironically Be Part of a Better Solution?

In 2017, a theme is emerging around mobile messaging apps being vulnerable to hacking, which may serve as a deterrent to heavy users. The Guardian pegged to revelations that "attackers could exploit a security vulnerability in WhatsApp to snoop on its users."

Hackers may well have the incentives to keep pace with new technologies among a welter of messaging options. Educating employees about these kinds of vulnerabilities may prove to be a stronger disincentive than policies and compliance protocols.

Sign up for the SPARK newsletter

Follow us

SPARK

SPARK Powered by

The views expressed on this blog are those of the blog authors, and not necessarily those of ADP. This blog does not provide legal, financial, accounting, or tax advice. The content on this blog is “as is” and carries no warranties. ADP does not warrant or guarantee the accuracy, reliability, and completeness of the content
on this blog. After 20 days, comments are closed on posts. Comments are subject to moderation. Comments that include profanity or abusive language will not be posted.